<?php 
    session_start();//UTF-8无BOM就是为了处理这个问题 
	//由于为专用系统,只通过用户ID,密码进入
	
	include_once("./public/common.php");
	include_once("./public/verify.php");
	
	$uid = getPOSTPara('uid');
	$password = getPOSTPara('password');
	//检查参数合法性
	if(!is_numeric($uid)){
		echo "404";
		return false;
	}
	$uid = intval($uid);
	$password = strFilter($password);

	//检查验证码
	$capt = getPOSTPara('captcha');
	$sessionCapt = empty($_SESSION['captcha'])?null:$_SESSION['captcha'];
	if($capt == null  || trim(strtolower($capt)) != $sessionCapt) {
		echo "identifying code wrong!";
		unset($_SESSION['captcha']);
		return false;
	}

	unset($_SESSION['captcha']);

	
	include_once("./public/opDB.php");
	$res = mysql_query("select `password`,`delflag` from `user` where uid=".$uid." limit 0,1");
	if(!$res || empty($res)){
		echo "404";
		return false;
	}
	$res = mysql_fetch_array($res);
	$pwd = $res['password'];
	$delflag = $res['delflag'];
	//echo $pwd,"|",$password;
	if($delflag != 0 || strcmp($pwd,$password)!=0 ){
		echo "fail to pass the verification";
		return false;
	}
	//echo "welcome";
	
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">


<ul>
<?php
	$saltlen = mt_rand(5,11);
	$salt = '';
	for($i=0;$i<$saltlen;++$i){
		$salt .= chr(ord('A')+mt_rand(0,25));
	}
	
	$row = mysql_query("select `device`.`did`,`sensordata`.`sid` from `device`,`sensordata` where `device`.`uid`=".$uid." and `device`.`did`=`sensordata`.`did` order by `device`.`did` limit 0,20");
	
	echo "<ul>";
	while($res = mysql_fetch_array($row)){
		$sid = $res['sid'];
		$did = $res['did'];
		$spe= specialEncode($sid,$salt);
		$spesa = specialEncode($salt,$constSalt);
		echo'<li><a href=show.php?spe='.urlencode($spe).'&spesa='.urlencode($spesa).'>device:'.$did.',sensor:'.$sid.'</a></li>';
	}
	echo "</ul>";
?>
</ul>



</html>